Solved: Internet VPN connection disconnects

DavidNieves · ‎04-25-2013

Good afternoon,

I have Cisco VPN Client and several established connections. When I connect to them I connected either to the VPN, I can perfectly access to the network and their teams. But I have a problem on one of the connections, and is well connected to the VPN, connect to servers and stuff, but I block internet access to the computer. It is the only connection that happens to me.

The thing is that the internet still works really, otherwise there would remain active VPN connection not let me in to the server.

I noticed in the log and when I try to access the internet does not connect and the log enters a loop that reads:

728 12:59:59.978 04/25/13 Sev=Info/5 IKE/0x63000040

Received DPD ACK from xxx.xxx.xxx.xxx, seq# received = 2818950532, seq# expected = 2818950532

729 13:00:09.963 04/25/13 Sev=Info/6 IKE/0x63000055

Sent a keepalive on the IPSec SA

730 13:00:10.463 04/25/13 Sev=Info/4 IKE/0x63000013

SENDING >>> ISAKMP OAK INFO *(HASH, NOTIFY:DPD_REQUEST) to xxx.xxx.xxx.xxx

731 13:00:10.463 04/25/13 Sev=Info/6 IKE/0x6300003D

Sending DPD request to xxx.xxx.xxx.xxx, our seq# = 2818950533

732 13:00:10.503 04/25/13 Sev=Info/5 IKE/0x6300002F

Received ISAKMP packet: peer = xxx.xxx.xxx.xxx

733 13:00:10.503 04/25/13 Sev=Info/4 IKE/0x63000014

RECEIVING <<< ISAKMP OAK INFO *(HASH, NOTIFY:DPD_ACK) from xxx.xxx.xxx.xxx

734 13:00:10.503 04/25/13 Sev=Info/5 IKE/0x63000040

Received DPD ACK from xxx.xxx.xxx.xxx, seq# received = 2818950533, seq# expected = 2818950533

735 13:00:19.977 04/25/13 Sev=Info/6 IKE/0x63000055

Sent a keepalive on the IPSec SA

736 13:00:20.978 04/25/13 Sev=Info/4 IKE/0x63000013

SENDING >>> ISAKMP OAK INFO *(HASH, NOTIFY:DPD_REQUEST) to xxx.xxx.xxx.xxx

737 13:00:20.978 04/25/13 Sev=Info/6 IKE/0x6300003D

Sending DPD request to xxx.xxx.xxx.xxx, our seq# = 2818950534

738 13:00:25.986 04/25/13 Sev=Info/4 IKE/0x63000013

SENDING >>> ISAKMP OAK INFO *(HASH, NOTIFY:DPD_REQUEST) to xxx.xxx.xxx.xxx

739 13:00:25.986 04/25/13 Sev=Info/6 IKE/0x6300003D

Sending DPD request to xxx.xxx.xxx.xxx, our seq# = 2818950535

740 13:00:29.991 04/25/13 Sev=Info/6 IKE/0x63000055

Sent a keepalive on the IPSec SA

..............

2422 14:20:31.267 04/25/13 Sev=Info/6 IKE/0x6300003D

Sending DPD request to yyy.yyy.yyy.yyy, our seq# = 2261259166

2423 14:20:31.297 04/25/13 Sev=Info/5 IKE/0x6300002F

Received ISAKMP packet: peer = yyy.yyy.yyy.yyy

2424 14:20:31.297 04/25/13 Sev=Info/4 IKE/0x63000014

RECEIVING <<< ISAKMP OAK INFO *(HASH, NOTIFY:DPD_ACK) from yyy.yyy.yyy.yyy

2425 14:20:31.297 04/25/13 Sev=Info/5 IKE/0x63000040

Received DPD ACK from yyy.yyy.yyy.yyy, seq# received = 2261259166, seq# expected = 2261259166

2426 14:20:41.782 04/25/13 Sev=Info/4 IKE/0x63000013

SENDING >>> ISAKMP OAK INFO *(HASH, NOTIFY:DPD_REQUEST) to yyy.yyy.yyy.yyy

2427 14:20:41.782 04/25/13 Sev=Info/6 IKE/0x6300003D

Sending DPD request to yyy.yyy.yyy.yyy, our seq# = 2261259167

2428 14:20:41.812 04/25/13 Sev=Info/5 IKE/0x6300002F

Received ISAKMP packet: peer = yyy.yyy.yyy.yyy

2429 14:20:41.812 04/25/13 Sev=Info/4 IKE/0x63000014

RECEIVING <<< ISAKMP OAK INFO *(HASH, NOTIFY:DPD_ACK) from yyy.yyy.yyy.yyy

2430 14:20:41.812 04/25/13 Sev=Info/5 IKE/0x63000040

Received DPD ACK from yyy.yyy.yyy.yyy, seq# received = 2261259167, seq# expected = 2261259167

2431 14:20:52.299 04/25/13 Sev=Info/4 IKE/0x63000013

SENDING >>> ISAKMP OAK INFO *(HASH, NOTIFY:DPD_REQUEST) to yyy.yyy.yyy.yyy

2432 14:20:52.299 04/25/13 Sev=Info/6 IKE/0x6300003D

Sending DPD request to yyy.yyy.yyy.yyy, our seq# = 2261259168

2433 14:20:52.329 04/25/13 Sev=Info/5 IKE/0x6300002F

Received ISAKMP packet: peer = yyy.yyy.yyy.yyy

2434 14:20:52.329 04/25/13 Sev=Info/4 IKE/0x63000014

RECEIVING <<< ISAKMP OAK INFO *(HASH, NOTIFY:DPD_ACK) from yyy.yyy.yyy.yyy

2435 14:20:52.329 04/25/13 Sev=Info/5 IKE/0x63000040

Received DPD ACK from yyy.yyy.yyy.yyy, seq# received = 2261259168, seq# expected = 2261259168

2436 14:21:02.811 04/25/13 Sev=Info/4 IKE/0x63000013

SENDING >>> ISAKMP OAK INFO *(HASH, NOTIFY:DPD_REQUEST) to yyy.yyy.yyy.yyy

2437 14:21:02.814 04/25/13 Sev=Info/6 IKE/0x6300003D

Sending DPD request to yyy.yyy.yyy.yyy, our seq# = 2261259169

..............

4807 16:03:35.041 04/25/13 Sev=Info/6 IKE/0x6300003D

Sending DPD request to yyy.yyy.yyy.yyy, our seq# = 2261259640

4808 16:03:35.071 04/25/13 Sev=Info/5 IKE/0x6300002F

Received ISAKMP packet: peer = yyy.yyy.yyy.yyy

4809 16:03:35.071 04/25/13 Sev=Info/4 IKE/0x63000014

RECEIVING <<< ISAKMP OAK INFO *(HASH, NOTIFY:DPD_ACK) from yyy.yyy.yyy.yyy

4810 16:03:35.071 04/25/13 Sev=Info/5 IKE/0x63000040

Received DPD ACK from yyy.yyy.yyy.yyy, seq# received = 2261259640, seq# expected = 2261259640

4811 16:03:45.537 04/25/13 Sev=Info/4 IKE/0x63000013

SENDING >>> ISAKMP OAK INFO *(HASH, NOTIFY:DPD_REQUEST) to yyy.yyy.yyy.yyy

4812 16:03:45.537 04/25/13 Sev=Info/6 IKE/0x6300003D

Sending DPD request to yyy.yyy.yyy.yyy, our seq# = 2261259641

4813 16:03:45.567 04/25/13 Sev=Info/5 IKE/0x6300002F

Received ISAKMP packet: peer = yyy.yyy.yyy.yyy

4814 16:03:45.567 04/25/13 Sev=Info/4 IKE/0x63000014

RECEIVING <<< ISAKMP OAK INFO *(HASH, NOTIFY:DPD_ACK) from yyy.yyy.yyy.yyy

4815 16:03:45.567 04/25/13 Sev=Info/5 IKE/0x63000040

Received DPD ACK from yyy.yyy.yyy.yyy, seq# received = 2261259641, seq# expected = 2261259641

And on forever ..... I tried to contact technicians have the VPN server, but it says that everything is correct and that it is something on my network.

I on my network I have no firewall in between, or the router.

When I connect I get a Ip, for example:

IP: 192168118105

Mask: 255.255.252.0

Default Gateway: 192.168.116.1.

But I can not even ping the gateway! Also gives me a DNS set:

-192.168.24.170

-192.168.24.171

But I get the DNS either!

It also gives me as primary WINS server

-10.6.1.92

And as a child:

-10.168.100.92

Anyway, the idea is to connect to internet through the computer that has the established VPN connection, connect to the VPN and then Remote Desktop through a test server. But then, when I connect to the VPN cuts my remote desktop through internet had!

I spoke with them several times since in my network I see NOTHING rare, indeed, none of the other connections gives me problems, just that.

Another thing I noticed is that the option to Status -> statictics -> Route details, as Secured Routes gives me the Ip 0.0.0.0, and other VPN connections give me some Ip ....

I have also checked the option to IPSec Over UDP (NAT / PAT) .....

Any idea who might be failing?

Thanks in advance, Bye!

sokakkar · ‎05-01-2013

Hi David,

You mentioned "Another thing I noticed is that the option to Status -> statictics -> Route details, as Secured Routes gives me the Ip 0.0.0.0, and other VPN connections give me some Ip ...." this means that there is no split tunneling configured on VPN server. 'Route details' section defines the destinations which you will be able to access over VPN and this is pushed by your VPN server.

So, if you see 0.0.0.0 in above section, all traffic from your computer goes over the VPN tunnel to server including internet traffic. Two possibilities:

- That is the expected flow, should work if VPN server has required config to route the internet traffic.

- If not, and you only use VPN to access certain resources and internet should still work locally, in that case VPN server end config has to be modified to configure split tunnel so that it instead of pushing '0.0.0.0' route sends a route like 'x.x.x.x' where 'x.x.x.x' is the resource behind VPN tunnel. In that way, internet will work locally.

Either way, its a config issue at VPN server end.

Simple explanation of split tunneling:

http://en.wikipedia.org/wiki/Split_tunneling

HTH.

-

Sourav

View solution in original post

sokakkar · ‎05-01-2013

Hi David,

You mentioned "Another thing I noticed is that the option to Status -> statictics -> Route details, as Secured Routes gives me the Ip 0.0.0.0, and other VPN connections give me some Ip ...." this means that there is no split tunneling configured on VPN server. 'Route details' section defines the destinations which you will be able to access over VPN and this is pushed by your VPN server.

So, if you see 0.0.0.0 in above section, all traffic from your computer goes over the VPN tunnel to server including internet traffic. Two possibilities:

- That is the expected flow, should work if VPN server has required config to route the internet traffic.

- If not, and you only use VPN to access certain resources and internet should still work locally, in that case VPN server end config has to be modified to configure split tunnel so that it instead of pushing '0.0.0.0' route sends a route like 'x.x.x.x' where 'x.x.x.x' is the resource behind VPN tunnel. In that way, internet will work locally.

Either way, its a config issue at VPN server end.

Simple explanation of split tunneling:

http://en.wikipedia.org/wiki/Split_tunneling

HTH.

-

Sourav

DavidNieves · ‎05-06-2013

Thanks sokakkar, I have been much help since I'm not familiar with Cisco VPN. It all makes more sense

A greeting!

sokakkar · ‎05-06-2013

No Problem David.

Glad I could help :-)

-

Sourav